GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,377 advisories
The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote...
High | Unreviewed | CVE-2015-2816 was published May 14, 2022

Mediawiki tarball is missing .htaccess files
Moderate | CVE-2018-13258 was published for mediawiki/core (Composer) May 14, 2022

Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P...
High | Unreviewed | CVE-2016-2278 was published May 14, 2022

modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS...
High | Unreviewed | CVE-2014-9773 was published May 14, 2022

Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a...
Low | Unreviewed | CVE-2015-0820 was published May 14, 2022

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections...
Moderate | Unreviewed | CVE-2015-3148 was published May 14, 2022

Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same...
High | Unreviewed | CVE-2016-1675 was published May 14, 2022

extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0...
High | Unreviewed | CVE-2016-1676 was published May 14, 2022

browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use...
Moderate | Unreviewed | CVE-2016-1693 was published May 14, 2022

browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP...
Moderate | Unreviewed | CVE-2016-1694 was published May 14, 2022

The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as...
High | Unreviewed | CVE-2016-1697 was published May 14, 2022

WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704...
Moderate | Unreviewed | CVE-2016-1692 was published May 14, 2022

WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in...
Moderate | Unreviewed | CVE-2016-1699 was published May 14, 2022

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the...
Moderate | Unreviewed | CVE-2016-2822 was published May 14, 2022

Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify...
Moderate | Unreviewed | CVE-2016-2825 was published May 14, 2022

Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a...
Moderate | Unreviewed | CVE-2016-2829 was published May 14, 2022

cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1)...
Moderate | Unreviewed | CVE-2016-3992 was published May 14, 2022

The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote...
Moderate | Unreviewed | CVE-2016-5104 was published May 14, 2022

The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution...
High | Unreviewed | CVE-2016-6323 was published May 14, 2022

The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM...
High | Unreviewed | CVE-2016-1667 was published May 14, 2022

The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in...
High | Unreviewed | CVE-2016-1668 was published May 14, 2022

The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote...
High | Unreviewed | CVE-2016-1656 was published May 14, 2022

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12...
Moderate | Unreviewed | CVE-2016-5601 was published May 14, 2022

libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5...
High | Unreviewed | CVE-2016-2119 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.